<?php
/* FILE: process_delete_collection.php
 * DESCRIPTION: Process called when a user presses a delete button in collection_list.php
 * POST DATA: N/A
 * GET DATA: cname (collection name)
 */ 
	//Get the session
	session_start();
	//Includes
	include('config.inc');
	include('includes/functions.php');
	
	$collectionName = $_GET['cname'];
	//Check to see if user is owner of collection
	if(getUID($collectionName) == $_SESSION['user_name'])
	{
		$dropTable = "DROP TABLE " . mysql_real_escape_string($collectionName) . ";";
		$deleteItems = "DELETE FROM item WHERE item_collection_name = '"
			. mysql_real_escape_string($collectionName)
			. "' AND item_user_id = '"
			. mysql_real_escape_string($_SESSION['user_name'])
			. "';";
		$deleteAttributes = "DELETE FROM attribute WHERE attribute_collection_name = '"
			. mysql_real_escape_string($collectionName)
			. "' AND attribute_user_id = '"
			. mysql_real_escape_string($_SESSION['user_name'])
			. "';";
		$deleteCollection = "DELETE FROM collection WHERE collection_name = '"
			. mysql_real_escape_string($collectionName)
			. "' AND collection_user_id = '"
			. mysql_real_escape_string($_SESSION['user_name'])
			. "';";
		
		//Drop the table named [user]_[collectionName]
		if(!$query = mysql_query($dropTable))
		{
			die($dropTable);
		}
		//Delete items from the item table that were referenced by the deleted table
		if(!$query = mysql_query($deleteItems))
		{
			die($deleteItems);
		}
		//Delete attributes that were referenced by the deleted table
		if(!$query = mysql_query($deleteAttributes))
		{
			die($deleteAttributes);
		}
		//Delete the collection entry from the collection table
		if(!$query = mysql_query($deleteCollection))
		{
			die($deleteCollection);
		}
		
		//Update the header
		header('Location: collection_list.php');
	}
	else
	{
		unset($_SESSION['user_name']);
		header('Location: index.php?err=denied');
	}
?>